Thanks for everyone's input :) After analyzing my requirements, I think that a router will work fine for now. However, when I add additional services and machines, I will be bringing back my trusty and dusty old P3 machine running iptables. This box is pretty stripped down and secured to the best of my ability. I've gone so far as to place an IDS on it for good measure. Overkill maybe, but it keeps me sane. The points made about both ICMP and forged packets are good ones. I forgot about these... A router (at least the one I have blinking at me) isn't going to handle these properly where a few rules in iptables can drop and log these easily enough. I forgot about these simple exploits. All that said... When it comes time to add a firewall what is the best practice if I were to put it into the mix with a router? If anything, I just want to satisfy my own curiosity about this particular configuration.... Would it be something like: Internet->Firewall (iptables)->Router->LAN Or Internet->Router->Firewall (iptables)->LAN This first setup makes more sense to me as the f/w is the first point of contact where packets are inspected then forwarded, dropped, and/or logged before getting routed to the internal LAN. Thanks Again! Alejandro -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
